Pages

Tuesday, April 29, 2014

The Heartbleed vulnerability is less of a game-changer and more of a reminder that online security is precious and vulnerable. There have been major breaches before and there will be again. The question is: will your data center be ready to handle the next breach? There is no real online security without a response plan to fall back on when, not if, security is breached.
Perhaps the most damning to the idea of flawless security online came from the revelation that some government agencies, US-based and otherwise, and had used it for the purposes of reconnaissance on citizens. More than ever, the proper response to security is not to try to build something impenetrable, but to have a plan that keeps data, even once accessed, from being able to do much damage.

Possible Solutions

Circles online including white hat Moxie Marlinspike are saying that the only real way to prevent this kind of vulnerability from being a massive breach is to get rid of plain text internet entirely, and to use HTTPS as a new standard. Encrypted data like this allows for another barrier between the data and those who would seek to compromise the security through attacking risk vectors.
There are downsides to this arrangement, however, including the increased cost of using SSL and the difficulty of requiring the unique certificate process that SSL uses on every small website that's being used.
Another idea for increased global security is called forward secrecy, which operates on a function similar to the popular mobile app, Snapchat. Once you're done with a session, your key disappears. This allows for data that is much harder to break into once it has been taken, so that anyone who wanders off a server with a load of encrypted information is much less likely to find a way to read it.

Response Plans

Your data server needs to be able to deploy patches and updates remotely and with little effort. Much of responding to security breaches require on-time fast-acting responses to severe problems. Using not only encryption, but additional security products is highly important.
Anyone who relies on your network for security is going to feel betrayed when their privacy is broken by a hack. A script for what to follow and how to break the news to customers quickly and easily is the only way to keep and/or regain trust in the wake of a security breach.
Make sure that all of your employees, not just those who are involved with security, understand security risks. The human element is commonly the most easily compromised link in the chain, and workers are regularly bamboozled into giving out critical information. If they are well-trained in security, though, they can be a strong line of defense that actively upkeep your network's security.
Google is a good case study on responding to security breaches correctly: they quickly patched their platforms and immediately educated the public on the threat and recommended security fixes for them.

Mozilla has released a new stable version of its Firefox browser which adopts the Australis user interface.The friction within the Mozilla board did not alter the pace of development and the new Firefox is available for download .

Initially expected for Firefox 24, the Australis interface has now officially appeared on the browser. It is characterized by less angular tabs and better display.

Much like Chrome, we could now find the options menu to the right of the address bar. It provides access to preferences, extensions, options or full screen mode.

Firefox 29 also features a new synchronization module. More
specifically, it will be easier to ensure the transfer of data by
creating a user account rather than entering a security key. For each account, it will be
possible to retrieve bookmarks, add- ons, passwords, browsing history
or preferences and tabs.

For those of you who are nostalgic, it is possible to reload the old UI by downloading this extension: old-firefox

Monday, April 28, 2014

The XboxOnewas releasedin late 2013and 5 millionconsoles have beenshipped toretailers since.These5 millionXboxdo not representsales of the consolesince many of then are stillenthronedon the shelves ofshops which making Microsoft consider suspending the productionof its consolefor some timetosell thestocks.

Of course, the situationcould changeifMicrosoftannounces at the E3 some new games thatwill boostthe sales of theXbox.Microsofthasreleased itsconsolein 13 countriesso far,but it will be available in more marketsinthe coming months, which will allow them tosell thestocks and re-boot the production.

Sunday, April 6, 2014

Who among us hasn't got a speeding ticket because of speed ​​Radars that are everywhere. Some hackers have developed an extraordinary solution! You only have to tape a piece of paper over the registration plate and write an SQL injection on it.

But what is a SQL injection?It is a technique that alters existing SQL commands
to overwrite values ​or execute commands to expose hidden data. In this case, a little trick to defeat speed radars on our roads.Learn more about SQL injections

How does it work? Current speed radars operate through character recognition algorithms allowing them to recognize your vehicule registration number. With a paper taped over the licence plate, it would be impossible for them recognize it.But here's the fun part, if an SQL injection managed to work, it could very well, for example, delete the database from the police servers.

About Me

Hi, I'm Hadi, currently an engineering student and a Tech Blogger (mainly), and I would like to ask you to excuse my writing and my attempts to be funny.I have a background in web development, image processing, programming and networking and for that you should trust my posts.